GSMA Network Equipment Security Assurance Scheme documentation

Find out more about the scheme, policies, processes, and procedures that define NESAS in the documentation on this page – from the current applicable release: NESAS 2.1. Simply search the 3GPP specifications that define the scheme, and the scheme’s processes and requirements from GSMA.


Please note that NESAS is designed to be improved iteratively. Therefore, all the lessons learnt from the application of NESAS will be considered and reflected in future releases. Updated releases will take feedback from the various stakeholders into account and will also strengthen NESAS’ ability to support equipment vendors to deliver continual security improvements.

If you would like to know more or speak to someone about GSMA NESAS, please get in touch.

Contact Us

3GPP Security Assurance Specifications

The following SCAS documents are published by 3GPP:

TS 33.116 Security Assurance Specification (SCAS) for the MME network product class
TS 33.117 Catalogue of general security assurance requirements
TS 33.216 Security Assurance Specification (SCAS) for the evolved Node B (eNB) network product class
TS 33.250 Security assurance specification for the PGW network product class
TS 33.511 Security Assurance Specification (SCAS) for the next generation Node B (gNodeB) network product class
TS 33.512 5G Security Assurance Specification (SCAS); Access and Mobility management Function (AMF)
TS 33.513 5G Security Assurance Specification (SCAS); User Plane Function (UPF)
TS 33.514 5G Security Assurance Specification (SCAS) for the Unified Data Management (UDM) network product class
TS 33.515 5G Security Assurance Specification (SCAS) for the Session Management Function (SMF) network product class
TS 33.516 5G Security Assurance Specification (SCAS) for the Authentication Server Function (AUSF) network product class
TS 33.517 5G Security Assurance Specification (SCAS) for the Security Edge Protection Proxy (SEPP) network product class
TS 33.518 5G Security Assurance Specification (SCAS) for the Network Repository Function (NRF) network product class
TS 33.519 5G Security Assurance Specification (SCAS) for the Network Exposure Function (NEF) network product class

GSMA Scheme Documents

The following documents are published by the GSMA

FS.13 – NESAS Overview v.2.1 This document provides an overview of the NESAS scheme allowing readers to familiarise themselves with NESAS.
FS.14 – NESAS Security Test Laboratory Accreditation v.2.1 This document defines the requirements for NESAS Security Test Laboratories and sets the standard against which accreditation is to be assessed and awarded.
FS.15 – NESAS Development and Lifecycle Assessment Methodology v.2.1 This document describes the assessment and audit process for NESAS Vendor Development and Product Lifecycle Processes.
FS.16 – NESAS Development and Lifecycle Security Requirements v.2.1 This document defines security requirements for an Equipment Vendor’s Development and Product Lifecycle Processes.
FS.46 – NESAS Audit Guidelines v.1.0 This document provides guidelines, tips and information on how to prepare for and carry out a Vendor Development and Product Lifecycle Process audit.
FS.47 – NESAS Product and Evidence Evaluation Methodology v.1.0 This document describes how the NESAS product and evidence evaluation is done at the procedural and operational level.